A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) ☒ Responsive to communication(s) filed on 04 October 2005. 
2a) □ This action is FINAL. 2b) ☒ This action is non-final. 

3) □ Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213. 

Disposition of Claims 

4) ☒ Claim(s) 1-9, 11-20 and 22-35 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) □ Claim(s) is/are allowed. 

6) ☒ Claim(s) 1-9, 11-20 and 22-35 is/are rejected. 

7) □ Claim(s) is/are objected to. 

8) □ Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) □ The specification is objected to by the Examiner. 

10) □ The drawing(s) filed on is/are: a) □ accepted or b) □ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) □ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

Status of Claims 

1. Claims 1-20 and 22-35 have been examined. 

Response to Amendments 

2. Regarding persistent storage of the serialized file, this is merely functional 
language (claims 1 and 17) and it has been held that an apparatus claim must 
differ from the prior art in terms of structure rather than function alone (MPEP 
2114). Therefore, as Ginter et al. teach storing a certificate ('900, column 211, 
lines 39-63) and "file serialization" is known to those of ordinary skill, Applicant's 
storing of the encrypted serial file such that it can "persist beyond the time the 
key management system is active" does not distinguish Applicant's serialization 
module from the prior art. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 



Application/Control Number: 10/037,153 



Art Unit: 3621 






4. Claims 18-20 and 22-34 are rejected under 35 U.S.C. 101 because the 
claimed invention is directed to non-statutory subject matter. 

Claims 18 and 34 describe an algorithm. The "usefulness" of such an 
algorithm is not apparent, as the outcome merely results in the storage of a 
number or similar mathematical construct, and was produced without 
transformation of the data by a machine such as a computer. Hence the claimed 
invention does not produce a useful, concrete and tangible result (State Street 
Bank & Trust Co. v. Signature Financial Group Inc., 149 F.3d 1368, 1373, 47 
USPQ2d 1596, 1600 (Fed. Cir. 1998)). 

Claims 19-33 are also rejected as they depend from claim 18. 

Claim Rejections - 35 USC §112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

6. Claims 1-20 and 22-35 are rejected under 35 U.S.C. 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly 
claim the subject matter which applicant regards as the invention. 

The term "is active" in claims 1, 17, 18, 34 and 35 is a relative term which 
renders the claim indefinite. The term "active" is not defined by the claim, the 
specification does not provide a standard for ascertaining the requisite degree, 
and one of ordinary skill in the art would not be reasonably apprised of the scope 
of the invention. 

Claims 2-9, 11-16, 19, 20, and 22-33 are also rejected as each depends 
from either claim 1 or 18. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 1-9 and 11-17 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Auerbach et al., U.S. Patent No. 5,673,316 in view of Ginter et 
al. U.S. Patent No. 5,892,900 and Ginter et al. U.S. Patent No. 6,658,568. 

As per claims 1-9 and 11-17, Auerbach et al. teach a network system for 
key management comprising: 

• a server (figure 1; column 2, lines 11-15) 

• a key management system providing process logic for key 
management system initialization located on the server, secure data 
storage and an interface for providing a means for inputting data into 
key management system (figure 1; column 2, lines 11-15; column 9, 
lines 40-48) and using data to generate a key (column/line 4/65-5/8) 

• a client computer, comprising a user interface (GUI or browser) for 
inputting data into the key management system, connected to the 
server (figure 1; column 1, lines 54-60; column 6, lines 50-61; column 
8, lines 5-15; column/line 8/45-9/10) 

• key management storage located on a server or on a second server 
connected to the server (figure 1; column 2, lines 10-15) 

Auerbach et al. also disclose a randomizer for randomizing data, key generation 
tool for generating symmetric and asymmetric keys, and MD5 hashing functions 
(column/line 4/65-5/26). Regarding an encrypted connection between client and 
server, Auerbach et al. disclose a user purchasing content using an account 
number exchanged between client and server (column/line 6/67-7/5; column 8, 
lines 52-54). Auerbach et al. also disclose securing this exchange using standard 
cryptographic techniques (column 8, lines 58-62; column 10, lines 35-40). VPNs, 
SET, TLS and SSL are well known cryptographic technologies for forming a 
secure connection between computers communicating over a network, therefore 
it would have been obvious to one of ordinary skill to protect the user account 
number or credit card number as it travels from buyer to server (figure 1). 
Auerbach et al. also teach a memory in the key management system for 
storing data such as a key encryption key (column 5, lines 7-12) and encrypting 
module for encrypting data (column 6, lines 22-27), however they do not 
specifically recite a key management system that performs hashing of a key 
encryption key and creating a serialized file. Ginter et al. ('900) teach a system 
for secure content distribution (figures 1, 1A, 2, 5B and 79-82). Specifically, 
Ginter et al. ('900) teach a content seller (figures 79-82; column/line 63/65-64/15; 
column/line 86/63-87/18; column 112, lines 45-52; column/line 210/31-211/24) 
generating its own certificate using data from memory (e.g. CA private key, its 
own public/private key pair - column 211, lines 45-58; column 212, lines 5-10) so 
that a user can trust the seller and its public key (column/line 210/31-211/24). 
Neither Auerbach et al. nor Ginter et al. ('900) specify a type of certificate. Ginter 
et al. ('568) teach a certificate for authorizing entities in a secure content 
distribution environment (figures 12, 13, 22, 22A, and 23; column 30, lines 30-40; 
column 84, lines 4-18) where the certificate includes data from memory, a hash 
of public key and encrypting (or encoding) (column 84, lines 10-15) or encrypted 
(or encoded) data (column 84, lines 18-21). Regarding "serializing data", 
"serialization" is a well-known method for storing an object persistently. 
Therefore, it would have been obvious to serialize an object such as a digital 
certificate, in order to reconstitute it at a later time such as when a prospective 
buyer would like to authenticate content seller. Therefore, it would have been 
obvious to one of ordinary skill to combine the teachings of Auerbach et al., 
Ginter et al. and Ginter et al. in order to create a trusted electronic commerce 
environment by allowing the user to be able to authenticate the seller ('316, 
figure 1; '568, column 30, lines 30-40). 

9. Claims 18-20 and 22-35 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over Auerbach et al., U.S. Patent No. 5,673,316 in view of 
Havemose, U.S. Patent No. 6,757,903. 

As per claims 18-20 and 22-35, Auerbach et al. teach: 

• entering data and a key encryption key into a key management 
system (abstract) 

• combining data into a tuple (e.g. document part and control part) 
(figure 2) 

• encrypting the tuple (encoding a key field of the tuple) with the key 
encryption key to create a token (abstract; figure 2) 

• hashing the encryption key (figure 3) 

• storing the token in a vector (column/line 3/58-4/2) 

• storing the hashed key (figures 2 and 3) 

• storing a list of keys (figures 2 and 3) 

• randomizing data (column 5, lines 1-8) 

• randomizing the list of keys and secret tokens (figure 3) 
• generating data to encrypt (abstract; figure 2) 

• a tuple with an application, key, value and type field (figure 3) 

• key management storage located on a server or on a second 
server connected to the server (figure 1; column 2, lines 10-15) 

• a client computer, comprising a user interface (GUI or browser) for 
inputting data into the key management system, connected to the 
server (figure 1; column 1, lines 54-60; column 6, lines 50-61; 
column 8, lines 5-15; column/line 8/45-9/10) 

Regarding "tagging" the method and system of Auerbach et al. is implemented 
using computer code (column/line 3/59-4/8). More specifically, Auerbach et al. 
teach cryptographic envelopes as executables, subroutines, modules or object 
components hence in order to be manipulated objects have to be defined (i.e. 
tag). Regarding algorithms, Auerbach et al. teach a key generation tool that comprises a 
symmetric algorithm (column 5, lines 1-8) and a key generation tool that 
comprises asymmetric algorithms, for example for encrypting and decrypting data 
exchanged by client and server (column 7, lines 30-42; column 8, lines 22-25 and 
58-63; column 9, lines 40-48; column 10, lines 35-40). Auerbach et al. do not 
specifically recite "serializing" a cryptographic envelope. Havemose teaches a 
system for more efficiently processing data objects using serialization (column 6, 
lines 28-50). Therefore, it would have been obvious to one of ordinary skill to 
combine the teachings of Auerbach et al. and Havemose in order to more 
efficiently distribute dynamic objects ('903, column 12, lines 40-60) (such as the 
cryptographic envelopes of Auerbach et al. ('316, figure 3)) by making them 
platform and architecture neutral ('316, column/line 1/20-2/1; column 3, lines 
6-35). 

Conclusion 

10. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

• Milne discloses software object serialization for enabling persistent 
storage and for regenerating objects to be used at a later time 

• Maytas et al. teach a cryptosystem implemented using vectors 

11. Any inquiry concerning this communication or earlier communications from 
the Examiner should be directed to Calvin Loyd Hewitt II whose telephone 
number is (571) 272-6709. The Examiner can normally be reached on 
Monday-Friday from 8:30 AM-5:00 PM. 

If attempts to reach the Examiner by telephone are unsuccessful, the 
Examiner's supervisor, James P. Trammell, can be reached at (571) 272-6712. 
Any response to this action should be mailed to: 
Commissioner of Patents and Trademarks 
c/o Technology Center 2100 
Washington, D.C. 20231 

or faxed to: 

(571) 273-8300 (for formal communications intended for entry and 
after-final communications), 

or: 

(571) 273-6709 (for informal or draft communications, please label 